Harry Potter targeting users Kaspersky Lab issues October Spam Report
On 17 November 2010 the long-awaited Harry Porter sequel was released. The release of part 6 in June 2009 went more or less unnoticed by the spammers. After all, Michael Jackson's death was more sensational news, but this time there are no distractions. The first messages exploiting the release began to appear in early October where spammers offered users free tickets to the premiere. In order to be among the lucky winners, users were asked to click on the “Submit” button and enter their email address along with other personal data.
Of course, there were no tickets to be won – miracles only happen in the movies JDaniel Radcliffe's portrait was actually being used to advertise a special offer from a deluxe hotel. These are just some of the outcomes of the Kaspersky Lab October Spam Report.
In addition to the above, the amount of spam in mail traffic decreased by 3.7 percentage points and averaged 77.4% for the month. Recently, there have been major changes among the top 20 sources of spam: in September India took over top spot from long-term leader the USA, and the changes continued in October with Russia unexpectedly claiming first place having distributed 11.3% of all spam. For the first time in a long time, the USA dropped out of the top 10 altogether finishing the month in 18th place. India (8.5%), Ukraine (5.6%), the UK (4.7%) and Brazil (4.5%) were the other leading sources in October.
The dramatic reduction in spam traffic originating from the USA was caused by the closure of the Pushdo/Cutwail and Bredolab botnet command centres, both of which made use of networks of zombie computers that were primarily located in the USA. The activities of a similar computer network infected by Bredolab were seriously impaired following intervention by Dutch law enforcement agencies, which resulted in a further reduction in the overall amount of spam.
Operations by law enforcement agencies also affected the various spam categories. The most important change caused by the closure of the Bredolab botnet command centres was a brief decrease in the quantity of spam that contained malicious attachments. The level of pharmaceutical spam was affected by the closure of the Spamlt partner program on 1st October. However, this had a knock-on effect, allowing adverts for pornography and online casino to regain their niche in the spam market. When one partner program closes, the spammers immediately look for other ways to make money. “It's very likely that nearer the end of the year spammers will turn to Christmas-related mailings,” added Maria Namestnikova, Senior Spam Analyst at Kaspersky Lab.
In October, PayPal once again had the unenviable distinction of being targeted most by phishers, accounting for one third of all attacks (61.3%), while there was renewed interest in Facebook (8.4%) after a lull in September. The social networking site ended up taking over second place from eBay (4.5%). The other two most popular targets for phishing attacks were HSBC (4.3%) and Blizzard Entertainment (3.5%), the World of Warcraft developer.
The full version of the spam report for October 2010 is available at www.securelist.com.
About Kaspersky Lab
Kaspersky Lab is the largest antivirus company in Europe. It delivers some of the world's most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. The company is ranked among the world's top four vendors of security solutions for endpoint users. Kaspersky Lab products provide superior detection rates and one of the industry's fastest outbreak response times for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky® technology is also used worldwide inside the products and services of the industry's leading IT security solution providers. Learn more at www.kaspersky.com. For the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit www.viruslist.com